USAA Phishing Scam and Malware Campaign

US-CERT is aware of public reports of an active spear-phishing attack via email messages directed at United Services Automobile Association (USAA) members. These messages contain the subject line "Deposit Posted" and contain a randomly generated four-digit number placed in the USAA security zone section. The messages ask users to open an attached file containing malicious software that if activated could provide access to a user's personal information.

US-CERT encourages users to do the following to help mitigate the risk:

• Review the alert posted by USAA regarding this issue.
• Do not open attachments in email messages from unknown sources.
• Refer to Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.
• Install anti-virus software and keep virus signature files up to date.